CVE-2011-4079

Severity

40%

Complexity

80%

Confidentiality

48%

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P).

Overview

Type

OpenLDAP

First reported 13 years ago

2011-10-27 20:55:00

Last updated 7 years ago

2017-08-29 01:30:00

Affected Software

OpenLDAP 2.0

2.0

OpenLDAP 2.4.6

2.4.6

OpenLDAP 2.4.7

2.4.7

OpenLDAP 2.4.8

2.4.8

OpenLDAP 2.4.9

2.4.9

OpenLDAP 2.4.10

2.4.10

OpenLDAP 2.4.11

2.4.11

OpenLDAP 2.4.12

2.4.12

OpenLDAP 2.4.13

2.4.13

OpenLDAP 2.4.14

2.4.14

OpenLDAP 2.4.15

2.4.15

OpenLDAP 2.4.16

2.4.16

OpenLDAP 2.4.17

2.4.17

OpenLDAP 2.4.18

2.4.18

OpenLDAP 2.4.19

2.4.19

OpenLDAP 2.4.20

2.4.20

OpenLDAP 2.4.21

2.4.21

OpenLDAP 2.4.22

2.4.22

OpenLDAP 2.4.23

2.4.23

OpenLDAP 2.4.24

2.4.24

OpenLDAP 2.4.25

2.4.25

OpenLDAP OpenLDAP

References

46599

Vendor Advisory

GLSA-201406-36

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=507238713b71208ec4f262f312cb495a302df9e9

Patch

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059;selectid=7059

[oss-security] 20111026 CVE Request: openldap2 UTF8StringNormalize() can cause a (one-byte) buffer overflow

[oss-security] 20111026 Re: CVE Request: openldap2 UTF8StringNormalize() can cause a (one-byte) buffer overflow

50384

USN-1266-1

https://bugzilla.redhat.com/show_bug.cgi?id=749324